diff --git a/app/Lio/Markdown/HtmlMarkdownConvertor.php b/app/Lio/Markdown/HtmlMarkdownConvertor.php
index 7b2cafc0c..1e641eddf 100644
--- a/app/Lio/Markdown/HtmlMarkdownConvertor.php
+++ b/app/Lio/Markdown/HtmlMarkdownConvertor.php
@@ -2,6 +2,7 @@
use HTML_To_Markdown;
use Michelf\MarkdownExtra;
+use Purifier;
class HtmlMarkdownConvertor
{
@@ -24,6 +25,7 @@ public function convertHtmlToMarkdown($html)
public function convertMarkdownToHtml($markdown)
{
- return $this->markdownParser->transform($markdown);
+ $html = $this->markdownParser->transform($markdown);
+ return Purifier::clean($html, 'markdown');
}
}
\ No newline at end of file
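Review bot: Nothing visible in this diff pins the new sanitizing behaviour of `convertMarkdownToHtml`, and the method has no docblock telling callers that its return value is now filtered. The profile name `'markdown'` is a bare string that must match a key under `settings` in the Purifier package config, so a rename there would change what this method strips. I would add a docblock such as `/** Render Markdown to HTML, then filter it through the 'markdown' HTMLPurifier profile. */`. I would also add a test asserting that a `<script>` element and a `javascript:` link in the input do not survive in the output. The class constructor and `$this->markdownParser` are defined outside the hunk.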
diff --git a/app/config/app.php b/app/config/app.php
index 767223e34..806680ee4 100644
--- a/app/config/app.php
+++ b/app/config/app.php
@@ -111,6 +111,7 @@
'McCool\LaravelAutoPresenter\LaravelAutoPresenterServiceProvider',
'McCool\DatabaseBackup\ServiceProviders\LaravelServiceProvider',
'Artdarek\OAuth\OAuthServiceProvider',
+ 'Mews\Purifier\PurifierServiceProvider',
'Lio\ServiceProviders\GithubServiceProvider',
'Lio\ServiceProviders\CommentServiceProvider',
@@ -185,6 +186,7 @@
'Profiler' => 'Juy\Profiler\Facades\Profiler',
'OAuth' => 'Artdarek\OAuth\Facade\OAuth',
'GitHub' => 'Lio\GitHub\GitHubFacade',
+ 'Purifier' => 'Mews\Purifier\Facades\Purifier',
),
);
diff --git a/app/config/packages/mews/purifier/.gitkeep b/app/config/packages/mews/purifier/.gitkeep
new file mode 100644
index 000000000..e69de29bb
diff --git a/app/config/packages/mews/purifier/config.php b/app/config/packages/mews/purifier/config.php
new file mode 100644
index 000000000..968b5ced4
--- /dev/null
+++ b/app/config/packages/mews/purifier/config.php
@@ -0,0 +1,31 @@
+ 'UTF-8',
+ 'finalize' => true,
+ 'preload' => false,
+ 'settings' => array(
+ 'default' => array(
+ 'HTML.Doctype' => 'XHTML 1.0 Strict',
+ 'HTML.Allowed' => 'div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
+ 'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
+ 'AutoFormat.AutoParagraph' => true,
+ 'AutoFormat.RemoveEmpty' => true,
+ ),
+ 'markdown' => array(
+ 'HTML.Doctype' => 'XHTML 1.0 Strict',
+ 'HTML.Allowed' => 'div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src],*[style|class],pre,code,h1,h2,h3,h4,h5,h6,blockquote',
+ 'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
+ 'AutoFormat.AutoParagraph' => true,
+ 'AutoFormat.RemoveEmpty' => true,
+ )
+ ),
+);
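Review bot: The `markdown` profile's `HTML.Allowed` permits `style` and `class` on every element through `*[style|class]`, so filtered content can borrow the site's own CSS classes and restyle itself (within `CSS.AllowedProperties`) to imitate page UI. Unless the renderer needs them, drop that entry or bound it with HTMLPurifier's `Attr.AllowedClasses`, listing only the classes posts are meant to use. `img[src]` also lets remote images load whenever a post is viewed; `URI.DisableExternalResources` is the directive to consider if that is not wanted. The allowlist has no `hr` or table elements, which MarkdownExtra can emit, so those would presumably be stripped from rendered content.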
diff --git a/composer.json b/composer.json
index 8b4830418..912284695 100644
--- a/composer.json
+++ b/composer.json
@@ -11,7 +11,8 @@
"michelf/php-markdown": "1.4.*",
"nickcernis/html-to-markdown": "2.1.*",
"misd/linkify": "1.1.*",
- "hashids/hashids": "0.3.*@dev"
+ "hashids/hashids": "0.3.*@dev",
+ "mews/purifier": "1.0.*"
},
"require-dev": {
"phpunit/phpunit": "4.2.*",
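Review bot: The new `"mews/purifier": "1.0.*"` requirement makes a wrapper package the gatekeeper for the version of the actual sanitizer. According to the lockfile in this same commit, `mews/purifier` 1.0.1 requires `ezyang/htmlpurifier` at `4.6.*`, so `composer update` will not move HTMLPurifier past the 4.6 line until the wrapper relaxes that constraint. Since HTMLPurifier is now a security control for rendered content, consider declaring `ezyang/htmlpurifier` directly in `require` so that its version is visible and reviewed here. Also track its upstream releases.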
diff --git a/composer.lock b/composer.lock
index 6ed029a78..d5dd160f2 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
- "hash": "ec4289ac953ef40e15eac74c606cbd6d",
+ "hash": "4631eaeb850f4c34f0c6e0a3c228a3d2",
"packages": [
{
"name": "artdarek/oauth-4-laravel",
@@ -124,16 +124,16 @@
},
{
"name": "barryvdh/laravel-debugbar",
- "version": "v1.6.7",
+ "version": "v1.6.8",
"source": {
"type": "git",
"url": "https://github.com/barryvdh/laravel-debugbar.git",
- "reference": "ccf9ababfb2b5ddbf8c3ece2ca3fc9989b11ec0d"
+ "reference": "6668cf335a7b6461debbedc9ed95f2f3784eb537"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/ccf9ababfb2b5ddbf8c3ece2ca3fc9989b11ec0d",
- "reference": "ccf9ababfb2b5ddbf8c3ece2ca3fc9989b11ec0d",
+ "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/6668cf335a7b6461debbedc9ed95f2f3784eb537",
+ "reference": "6668cf335a7b6461debbedc9ed95f2f3784eb537",
"shasum": ""
},
"require": {
@@ -171,7 +171,7 @@
"profiler",
"webprofiler"
],
- "time": "2014-08-09 20:41:59"
+ "time": "2014-08-27 08:56:54"
},
{
"name": "classpreloader/classpreloader",
@@ -254,6 +254,51 @@
"notification-url": "https://packagist.org/downloads/",
"time": "2014-01-17 12:21:18"
},
+ {
+ "name": "ezyang/htmlpurifier",
+ "version": "v4.6.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/ezyang/htmlpurifier.git",
+ "reference": "6f389f0f25b90d0b495308efcfa073981177f0fd"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/6f389f0f25b90d0b495308efcfa073981177f0fd",
+ "reference": "6f389f0f25b90d0b495308efcfa073981177f0fd",
+ "shasum": ""
+ },
+ "require": {
+ "php": ">=5.2"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-0": {
+ "HTMLPurifier": "library/"
+ },
+ "files": [
+ "library/HTMLPurifier.composer.php"
+ ]
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "LGPL"
+ ],
+ "authors": [
+ {
+ "name": "Edward Z. Yang",
+ "email": "admin@htmlpurifier.org",
+ "homepage": "http://ezyang.com",
+ "role": "Developer"
+ }
+ ],
+ "description": "Standards compliant HTML filter written in PHP",
+ "homepage": "http://htmlpurifier.org/",
+ "keywords": [
+ "html"
+ ],
+ "time": "2013-11-30 08:25:19"
+ },
{
"name": "filp/whoops",
"version": "1.0.10",
@@ -873,6 +918,52 @@
],
"time": "2014-06-05 12:56:14"
},
+ {
+ "name": "mews/purifier",
+ "version": "1.0.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/mewebstudio/Purifier.git",
+ "reference": "5750567e1213edeb39683b0e35b9cac2ad5d9a38"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/mewebstudio/Purifier/zipball/5750567e1213edeb39683b0e35b9cac2ad5d9a38",
+ "reference": "5750567e1213edeb39683b0e35b9cac2ad5d9a38",
+ "shasum": ""
+ },
+ "require": {
+ "ezyang/htmlpurifier": "4.6.*",
+ "illuminate/support": "4.*",
+ "php": ">=5.3.0"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-0": {
+ "Mews\\Purifier": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "LGPL"
+ ],
+ "authors": [
+ {
+ "name": "Muharrem ERIN",
+ "email": "me@mewebstudio.com"
+ }
+ ],
+ "description": "HTMLPurifier Package for Laravel 4",
+ "homepage": "http://github.com/mewebstudio/Purifier",
+ "keywords": [
+ "L4",
+ "Laravel 4",
+ "Purifier",
+ "htmlpurifier",
+ "laravel"
+ ],
+ "time": "2014-01-25 20:20:17"
+ },
{
"name": "michelf/php-markdown",
"version": "1.4.1",
@@ -1045,16 +1136,16 @@
},
{
"name": "nesbot/carbon",
- "version": "1.10.0",
+ "version": "1.11.0",
"source": {
"type": "git",
"url": "https://github.com/briannesbitt/Carbon.git",
- "reference": "9b42a1aec56011c2ac4d75c0ddad0794762344fc"
+ "reference": "2b60366be6dcb9f9cd3e244ab25eb98eaea99551"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/9b42a1aec56011c2ac4d75c0ddad0794762344fc",
- "reference": "9b42a1aec56011c2ac4d75c0ddad0794762344fc",
+ "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/2b60366be6dcb9f9cd3e244ab25eb98eaea99551",
+ "reference": "2b60366be6dcb9f9cd3e244ab25eb98eaea99551",
"shasum": ""
},
"require": {
@@ -1087,7 +1178,7 @@
"datetime",
"time"
],
- "time": "2014-07-18 03:44:47"
+ "time": "2014-08-26 03:18:44"
},
{
"name": "nickcernis/html-to-markdown",
@@ -2389,16 +2480,16 @@
},
{
"name": "ocramius/instantiator",
- "version": "1.1.2",
+ "version": "1.1.3",
"source": {
"type": "git",
"url": "https://github.com/Ocramius/Instantiator.git",
- "reference": "a7abbb5fc9df6e7126af741dd6c140d1a7369435"
+ "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/Ocramius/Instantiator/zipball/a7abbb5fc9df6e7126af741dd6c140d1a7369435",
- "reference": "a7abbb5fc9df6e7126af741dd6c140d1a7369435",
+ "url": "https://api.github.com/repos/Ocramius/Instantiator/zipball/e24a12178906ff2e7471b8aaf3a0eb789b59f881",
+ "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881",
"shasum": ""
},
"require": {
@@ -2440,7 +2531,7 @@
"constructor",
"instantiate"
],
- "time": "2014-08-14 15:10:55"
+ "time": "2014-08-25 14:48:16"
},
{
"name": "ocramius/lazy-map",
@@ -3203,6 +3294,7 @@
"stability-flags": {
"hashids/hashids": 20
},
+ "prefer-stable": false,
"platform": [
],